Security Threats
Prompt injection, data poisoning, cyberattacks
16 episodes
#2698: How Hackers Hide C2 Servers in Plain Sight
Bulletproof hosts, hijacked routers, and Discord channels — how command and control infrastructure stays up despite takedown attempts.
#2691: The Usability Tax of Least Privilege
Is it time to let AI agents handle your API key creation and rotation? We explore the real security tradeoffs.
#2500: What Actually Counts as Hacking?
The CFAA, web scraping, and the messy line between curious URL-poking and federal crime.
#2482: When AI Chatbots Leak Your PDFs via Public S3 Buckets
A user uploaded a sensitive PDF to an AI chatbot. The chatbot stored it in a public S3 bucket with zero authentication.
#2383: The Blame Gap: Public Anger vs. Breach Reality
How much blame do companies deserve for data breaches? The answer isn't as simple as you think.
#2372: Choosing the Right Sandbox for Your Threat Model
Explore the tools and methods for creating secure, isolated environments to test malware, browse privately, and protect sensitive systems.
#2180: The Sandboxing Tradeoff in Agent Design
AI agents need broad permissions to be useful—but every permission expands the attack surface. We map the real threat landscape and the isolation t...
#2134: The Fog-of-War Problem in AI Wargaming
Why shared AI brains make secret-keeping a nightmare, and the four architectural patterns researchers use to fix it.
#2102: Why Don't You Notice AI Security Delays?
Multi-layer security checks add latency, but modern CLIs keep the overhead under 100 ms using parallelization and speculative execution.
#1911: Crowdfunding Open Source: Savior or Trap?
The web is built on code funded by tips. Can platforms like Patreon stop extremists from hijacking the money?
#1796: The Encryption Mirage: Are Your Keys Really Safe?
End-to-end encryption promises privacy, but hidden backdoors and metadata leaks can betray your trust.
#1780: The Danger Zone: Your Browser Extensions
Your encrypted data is safe until it hits your browser. Here's how extensions turn your "secure" browsing into a data leak.
#1773: AI's "Hacky" Command-Line Fixes Are a Security Nightmare
Giving AI agents terminal access speeds up fixes but creates invisible security holes and configuration drift.
#1771: Why Your Docker Images Depend on a 1990s Crypto War
PGP or GPG? We break down the alphabet soup of signing Docker images and AI models, and why it matters for supply chain security.
#1738: Hyperstition Engines: When AI Writes Reality
LLMs aren't just predicting the future; they're generating the narratives that force it into existence.
#1720: Why Hackers Use Lego Instead of Hand-Forged Exploits
Metasploit isn't just a tool; it's the industrial standard for digital break-ins. Here's how it works.